Adrian Johnson
TLDR:
- Hackers created 250 npm packages mimicking popular AWS and Microsoft projects, containing malicious code.
- Sonatype researchers found packages with reverse shell and RCE exploits, exposing supply chain security issues.
Hackers recently targeted npm packages, creating 250 malicious ones that imitated popular AWS, Microsoft, and other open-source projects. These packages contained active reverse shell and remote code execution (RCE) exploits. The creator, a Russian hacker claiming to be a bug bounty hunter, sold these malicious packages, raising ethical concerns in the cybersecurity research community. Sonatype research revealed a total of 260 malicious npm packages posing as authentic libraries, emphasizing the ongoing supply chain security problem. The packages, designed to target AI and LLM developers and Microsoft-dependent organizations, highlight the risks of depending on open-source ecosystems. This incident, named sonatype-2024-2066, showcases the fine line between security research and cybercrimes within the npm ecosystem.
